What is Spyware?
Spyware is a computer software programme that installs itself without a user's permission and does not inform the user what information it is gathering from the computer and how it is using it.
It transmits collected information to an unauthorised organisation that uses it to make a profit in some way.
It can lead to security issues such as 'Keylogging', 'Confidential Information Leakage' and 'Compromise Computer Security'.

What to do?
To prevent spyware installation without your consent, remember not to download any freeware onto computer that you use to access Internet banking.
Always run an anti-virus software program and/or anti-spyware software before you download other programs or open emails.
Update your anti-virus software and Windows security patches.
Change your Internet banking password REGULARLY to protect your personal data.

Mobile Banking

What specific security measures should I take for accessing Hang Seng Personal e-Banking via mobile handsets?

(1) You should install virus detection software on your mobile handset to protect against viruses such as trojan horses. You should update this software regularly to ensure you have the best possible protection.(2) You should download and apply security updates and patches to your mobile browser when they are made available. These are designed to provide you with protection from known possible security problems.(3) To prevent viruses or other unwanted problems, do not open attachments from unknown or untrustworthy sources.(4) Do not install pirated software or software from unknown sources.(5) Know everyone who uses your mobile handset and limit unauthorised access.(6) Do not leave your mobile phone unattended during an open Personal e-Banking session. Always disconnect from the Internet when you have finished your Personal e-Banking session.(7) Do not perform transactions or applications in public places to minimise the risk of security threats such as "shoulder surfing" of logon credentials.(8) Do not logon to Hang Seng Personal e-Banking from a mobile handset that is shared with other people, as it may be difficult to ensure the handset is free of hacker or spyware programmes.(9) Ensure all other Internet sessions are closed before you logon to Hang Seng Personal e-Banking. While you have a Personal e-Banking session open, we recommend you do not open other Internet browser sessions and access other sites. This can help to ensure your financial information remains confidential and guard against unauthorised access via other websites.(10) Type in the URL https://mobile.hangseng.com (for Mobile Trading) or http://www.hangseng.com and click on "Apply for Travel Insurance" (for Travel Insurance application) to guarantee that you are accessing the authentic sites of Hang Seng Bank. Bookmark this URL to your favourites and use this bookmark to access the site in the future.(11) Always remember to log off properly using the "Logoff" button when you have finished your Personal e-Banking session.(12) Review your account regularly and always keep good records of your personal finances.(13) Be aware of the potential for fraudulent SMS messages. The Bank will never request or invite customers to logon to its Personal e-Banking service via a SMS message.(14) To minimise the risks should your mobile phone be lost or stolen, do not save your Personal e-Banking User Name or Password in the phone’s T9 dictionary.(15) You can set a password/PIN lock on your mobile phone to provide additional protection.(16) Check that the security padlock on your internet browser is “locked” to ensure the connection is secure and protected by SSL. You should also check that the domain of the URL is https://mobile.hangseng.com.(17) If you leave your mobile handset idle for a certain period of time during a Personal e-Banking session, the session will automatically be terminated to help prevent unauthorised access.(18) You should not choose a device passcode that can be easily guessed by anyone else or tell anyone else what your device passcode is.(19) You should ensure that you do not store anyone else's fingerprint within your mobile handsets.(20) For online security information for general Internet users and general online security tips, please refer to here for details. You may want to print a hard copy of this security information page for reading offline.
For iPhone user:
If you are using iPhone for Hang Seng Forex Margin Trading, you should also be aware of:

• To guarantee that you are installing the genuine Hang Seng Forex Margin Trading iPhone App, type in and search the keyword "Hang Seng Forex Margin Trading" in Apple App Store. Ensure that the name of the iPhone App is "恒生外匯孖展買賣 Hang Seng Forex Margin Trading" and the provider is "Hang Seng Bank Limited" before you install the App. Never download Hang Seng Forex Margin Trading iPhone App from other sources.• Do not install software which may weaken your iPhone's security.

Online Securities Trading

• In order to enhance internet banking and online securities trading security, you can register to use Security Device* when performing securities trading. After registration, if you logon to e-Banking using a dual password, you will be prompted to use the Security Device* for the first trading transaction in the same e-Banking logon session. Please click here to learn more.• Set e-Banking passwords that are difficult to guess and different from the ones you use for other internet services, e.g. use a combination of letters, numerals and symbols.• Maintain valid mobile phone number and email address with the Bank.• Check SMS messages issued by the Bank in a timely manner and verify your transaction records. Inform your bank immediately in case of any suspicious activities.• Check e-Banking accounts from time to time and review any alert messages and statements issued by the Bank in a timely manner.• Install and promptly update security software and anti-virus software to protect your computers and mobile phones.• Refrain from using public computers or public Wi-Fi to access e-Banking accounts.
*Security Device including a physical Security Device or Mobile Security Key, used to generate the Security Code

For non-personal customers, the Authorised Hang Seng Cardholder must be the Primary User or Secondary User of Hang Seng Business e-Banking or the Authorised Phone Banking User who may operate the relevant account(s) through such channel in order to activate the overseas ATM daily cash withdrawal limit of such account(s) via such channel.

Cards

Important points regarding your ATM Card and Card PIN
Here are some important hints to help ensure the security of ATM Card (Card) and PIN:

• At all times take reasonable steps to keep your Card safe and PIN secret to prevent fraud.• Upon receipt of your new / reset PIN from us, immediately change your PIN at our ATM. Destroy your PIN advice and memorise the new PIN.• Do not write down the PIN on your Card or on anything usually kept with or near it or record the PIN without disguising it.• Never disclose your PIN to anyone, including our staff, nor let anyone else see your PIN when you are using an ATM or other electronic payment terminal.• Do not allow anyone else to use your Card and PIN.• The use of easily accessible personal information such as identity card number, phone number and date of birth as your PIN is NOT recommended.• For your own protection, change your PIN periodically at our ATM, and do not choose the same PIN for accessing other services.• Please cover the keypad when entering your PIN.• If you incorrectly key in your PIN 3 consecutive times, your Card will be inoperative.• Always remember to remove your Card and advice after completing your transaction.• If your Card or PIN is lost or stolen, you should report it immediately to our 24-hour Lost Card Hotline on 2836 0838. To ensure immediate handling and maximum protection, please do not report your card loss by fax.• Please refer to the security advice provided by us at our Security & Fraud Centre at hangseng.com from time to time.
Warning: You may be held liable for all losses if you have acted fraudulently or with gross negligence, or failing to follow our fraud prevention advice set out above, and such failure has incurred losses.

Phone Banking

Important points regarding your Phone PIN
A Phone PIN will be issued to Integrated Account holders upon account opening. Non-integrated Account holders can set up the Phone PIN via our ATM directly. This Phone PIN will allow you to gain access to the Phone Banking Services.

To protect your own interests, it is important to note the following points:

• At all times take reasonable steps to keep Phone PIN secret to prevent fraud.• Upon receipt of your new / reset Phone PIN from us, immediately change your Phone PIN via our 24-hour Phone Banking Hotlines on 2998 9188 (Prestige Banking Customers) / 2822 8228 (Preferred Banking Customers) / 2912 3456 (Integrated Account Customers) or at our ATM. Destroy your PIN advice and memorise the new PIN.• Do not write down the Phone PIN on your card or on anything usually kept with or near it or record the PIN without disguising it.• Never disclose your Phone PIN to anyone, including our staff, nor allow anyone else to use your Phone PIN.• The use of easily accessible personal information such as identity card number, phone number and date of birth as your Phone PIN is NOT recommended.• For your own protection, change your Phone PIN periodically via our Phone Banking Hotlines or our ATMs.• If you incorrectly key in your Phone PIN for 4 consecutive times, your Phone Banking Service will be temporarily suspended.• If your Phone PIN is suspended or forgotten, reset your PIN via our ATM using the respective card or contact us at any of our branches.• If your Phone PIN is lost or stolen, or unauthorized transaction is recorded, you should report it immediately to our Phone Banking Hotlines on 2998 9188 (Prestige Banking Customers) / 2822 8228 (Preferred Banking Customers) / 2912 3456 (Integrated Account Customers) / 2822 0228 (Other Customers).• Please refer to the security advice provided by us at our Security & Fraud Centre at hangseng.com from time to time.
Warning: You may be held liable for all losses if you have acted fraudulently or with gross negligence, or failing to follow our fraud prevention advice set out above, and such failure has incurred losses.

Email and SMS

Short Messaging Service (SMS)
Occasionally, our bank would send SMS to customer registered mobile phone numbers for selected card and banking transactions for notification purpose. To protect your interests, please ensure your mobile phone number registered with the Bank is valid and up-to-date. To enquire or get a 'Change Contact Information' form, please visit any Hang Seng Bank branch or download the form from the 'Personal Banking Forms' page.

You can verify the hotline number shown in the SMS messages (if any) with us by calling 2822 0228 or simply call the banks’ hotline numbers at the back of ATM/credit cards.

Fraudulent e-mails
Beware of fraudulent e-mails that claim to have been sent by employees of Hang Seng Bank.

There have recently been fraudulent e-mails in circulation which claim to be issued by directors/senior executives/employees of Hang Seng Bank. Typically, recipients of these e-mails are invited to claim a large sum of money held in the name of an account-holder since deceased, by posing as his next-of-kin. The recipients are asked to provide the issuer with their personal details.

Please note that these e-mails were not issued by Hang Seng or its employees. Hang Seng has already reported the cases to the Hong Kong Police for investigation. If you receive e-mails of this kind you may wish to contact the Hong Kong Police.

Hang Seng Bank wishes to remind customers to remain vigilant in safeguarding their banking credentials such as e-Banking usernames, passwords and other sensitive account information and not to disclose any such information to third parties. More